package com.candy.control;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

@Controller
public class TestController {


    @RequestMapping("toLogin")
    public String toLogin(){
        System.out.println("去登录");
        return "login";
    }


    @PostMapping("/toMain")
    public String toMain(){
        System.out.println("去主页");
        return "main";
    }

    @PostMapping("/toError")
    public String toError() {
        System.out.println("去失败的页面");
        return "error";
    }

    /**
     * 测试用户具有相应权限可以访问的操作
     * @return
     */
    @GetMapping("/cs")
    @ResponseBody
    @PreAuthorize("hasAnyAuthority('sys:user:delete')")
    public String cs(){
        System.out.println("说明你具有delete权限");
        return "说明你具有delete权限";
    }

    /**
     * 测试用户具有相应角色可以访问的操作
     * @return
     */
    @GetMapping("/test")
    @ResponseBody
    @PreAuthorize("hasRole('ROLE_admin')")
    public String test(){
        System.out.println("说明你具有ROLE_admin角色");
        return "说明你具有ROLE_admin角色";
    }

}